class ActionDispatch::PermissionsPolicy::Middleware
Constants
- CONTENT_TYPE
- POLICY
-
The Feature-Policy header has been renamed to Permissions-Policy. The Permissions-Policy requires a different implementation and isn’t yet supported by all browsers. To avoid having to rename this middleware in the future we use the new name for the middleware but keep the old header name and implementation for now.
Public Class Methods
Source
# File lib/action_dispatch/http/permissions_policy.rb, line 32 def initialize(app) @app = app end
Public Instance Methods
Source
# File lib/action_dispatch/http/permissions_policy.rb, line 36 def call(env) request = ActionDispatch::Request.new(env) _, headers, _ = response = @app.call(env) return response unless html_response?(headers) return response if policy_present?(headers) if policy = request.permissions_policy headers[POLICY] = policy.build(request.controller_instance) end if policy_empty?(policy) headers.delete(POLICY) end response end
Private Instance Methods
Source
# File lib/action_dispatch/http/permissions_policy.rb, line 55 def html_response?(headers) if content_type = headers[CONTENT_TYPE] /html/.match?(content_type) end end
Source
# File lib/action_dispatch/http/permissions_policy.rb, line 65 def policy_empty?(policy) policy&.directives&.empty? end
Source
# File lib/action_dispatch/http/permissions_policy.rb, line 61 def policy_present?(headers) headers[POLICY] end